The rise of malware created specifically for endpoints like mobile devices is forcing IT Security teams to focus increasingly on endpoint security solutions. According to a survey by the Ponemon Institute[1] published in January, 75 percent of respondents (an increase from 68 percent in last year’s study) believe their mobile endpoints have been the target of malware over the past 12 months. Read More »

As IT organizations look to the cloud to become more efficient and achieve the agility their business demands, one of the biggest security challenges they typically face is right at the heart of any enterprise – the data center. In cloud environments, where applications have to be location-independent and mobile, it can be overwhelming to manage traffic that needs to go to specific security services when you have applications that are mobile, but physical security that’s not. To secure these virtual and mobile applications, a new security framework must be deployed – one that works equally well within the physical and virtualization layer of the data center, and addresses additional requirements of scalable, multitenant environments. Read More »

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 8 bulletins being released which address 45 CVE. Two of the bulletins are listed as Critical and address vulnerabilities in Internet Explorer and Windows Media Player. The remaining six bulletins are marked as Important and address vulnerabilities in Microsoft Office, Windows Kernel, Active Directory, Microsoft Exchange Server, and Microsoft Common Controls.

It’s impossible to turn on a TV or read a newspaper without hearing about cybersecurity breaches. Security is top of mind for everyone, and it’s definitely a top priority for Cisco.

Yesterday, at Cisco Live 2015 in San Diego, CA, we announced “Security Everywhere.” The Internet of Everything has generated new business models, better work environments, and consumer experiences. It has also opened more opportunities for hackers. Our new portfolio embeds security across the extended network, from the data center to endpoints, branch offices, and the cloud. This provides threat visibility and control. By integrating “Security Everywhere,” you can deliver the security requirements demanded by today’s dynamic threat landscape, and capture emerging business opportunities.

I’d like to highlight some of the solutions that will help you. Read More »

Jeff Aboud, Sr. Solutions Marketing Manager, Security Markets, Splunk Jeff Aboud has more than a dozen years in various areas of the security industry, spanning from the desktop to the cloud, including desktop AV, gateway hardware and software, encryption technologies, and how to securely embrace the Internet of Things. His primary focus today is to help business and security professionals understand how to visualize, analyze, and alert across a broad range of data sources in real time to maximize their security posture.

It’s no secret that advanced threats and malicious insiders present increasing security challenges to organizations of all sizes. Security professionals know that it’s not matter a question of if, but when an attack will successfully breach their network. Visibility is often what makes the difference between a breach and a major security incident, and enables proactive security posture throughout the attack continuum – before, during, and after the attack. It’s also essential to understand that the fingerprints of an advanced threat are often located in the “non-security” data, so the effective detection and investigation of these threats, before your data is stolen, requires security and non-security data.

So what does all this really mean, and how can you use it do dramatically improve your security posture?

You need to integrate and correlate the data from your firewalls, intrusion prevention, anti-malware, and other security-specific solutions along with your “non-security” data such as the logs and packet information from your servers, switches, and routers. This is no easy task with the large number of different security solutions present in most enterprise networks. But having all your data at your fingertips will help you improve your detection capabilities and automate the remediation of advanced threats.

But how can you do this, since Security Information and Event Management (SIEM) systems only look at traditional security sources? The partnership between Splunk and Cisco is the answer. Splunk is integrated across Cisco security platforms, as well as other places throughout the network including various Cisco switches, routers and Cisco Unified Computing Systems (UCS) to deliver broad visibility across your environment.

Together, Splunk and Cisco provide security and incident response teams the tools they need to quickly identify advanced threats, visualize them in real-time across potentially thousands of data sources, and take automated remediation action on Cisco firewalls and intrusion prevention systems. Read More »

Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.